class SessionsController < ApplicationController
    def new

    end
    def create
#这里验证这个用户是否存在，密码是否正确，在model的方法authenticate里面
      @user = User.authenticate(login_params["login"],login_params["password"])
      if @user
        session[:user_id] = @user.id
        flash[:notice] = "Weclome #{@user.login}"
        redirect_to posts_path
      else
        flash[:notice] = "The login or password is not correct."
        redirect_to new_session_path
      end

    end
    private

    def login_params
        params.require(:users).permit(:login,:password)
    end

end